package com.lanmei.group.weixin.shiro;

import java.util.List;

import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.DisabledAccountException;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.lanmei.group.weixin.model.ManagerInfo;
import com.lanmei.group.weixin.model.RoleInfo;


public class MyRealm extends AuthorizingRealm {

	public String getName() {
		return "MyRealm";
	}

	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
		SimpleAuthorizationInfo info=new SimpleAuthorizationInfo();
		String loginName = (String)principals.getPrimaryPrincipal();
		List<RoleInfo> list = new RoleInfo().dao.find("select r.* from role_info r ,manager_info m ,"
					+ "user_role_ref f where r.`role_id` = f.`role_id` and f.`manager_id`= m.`manager_id` and m.`login_name` = '"+loginName+"'");
		for (int i = 0; i < list.size(); i++) {
			info.addRole(list.get(i).getRoleName());
		}
		return info;
	}

	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
		/*CaptchaUsernamePasswordToken authcToken = (CaptchaUsernamePasswordToken) token;

        if (authcToken.getUsername()==null||StrKit.isBlank(authcToken.getUsername())) {
            throw new AuthenticationException("用户名不可以为空");
        }

        String loginName=authcToken.getUsername();

        String extraStr=authcToken.getExtra();
        if (StringUtils.equals(extraStr, "admin")) {
            Admin admin = Admin.dao.findFirst("select * from admin where loginname = ? and islock=0 limit 1",loginName);
            if (null == admin) {
                throw new AuthenticationException("用户名或者密码错误");
            }else{
                return new SimpleAuthenticationInfo(admin, admin.getStr("loginpass"), getName());
            }
        }else {
            Students student = Students.dao.findFirst("select * from students where loginname = ? and enable =1 limit 1",loginName);
            if (null == student) {
                throw new AuthenticationException("用户名或者密码错误");
            }else{
                return new SimpleAuthenticationInfo(student, student.getStr("loginpass"), getName());
            }
        }   */
		String loginName = (String)token.getPrincipal();
		String pwd = new String((char[])token.getCredentials());
		ManagerInfo manager = new ManagerInfo().checkLogin(loginName, pwd);
		if(manager == null) {
			throw new UnknownAccountException();//用户名或密码错误
		}
		if(manager.getState()==1){
			throw new DisabledAccountException();//账号已被禁用
		}

		SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(
				loginName, //用户名
				pwd, //密码
				getName()  //realm name
				);
		return authenticationInfo;
	}

}
